All server log messages (except the contents of the inbound requests and the outbound responses) are prefixed with their respective tracking IDs, which helps locating related log messages and payloads for a given transaction for troubleshooting.

  1. Ask the user for the Tracking ID value in the error message.
  2. Search for the tracking ID in the server log, for example:
  3. Use the tracking ID to review log messages and payloads pertaining to this transaction.

Generally speaking, log messages that are tagged with WARN or ERROR, or prefixed with Caused by are most useful.

Example

Suppose an error had occurred and the associated the tracking ID was V3IwuUsy8PQp-9ZbE9UfUjOEo9c. Based on the tracking ID, you found the following log message:

2015-12-03 11:13:33,784 tid:V3IwuUsy8PQp-9ZbE9UfUjOEo9c DEBUG [org.sourceid.servlet.HttpServletRespProxy] adding lazy cookie Cookie{PF=OaxBwPGw5OBeHVXe1sgifB7iZR5Rz2VI4rhJwqUSIXV; path=/; maxAge=-1; domain=null} replacing null

After reviewing the related log messages, you found the next few messages:

2015-12-03 12:36:21,176 tid:V3IwuUsy8PQp-9ZbE9UfUjOEo9c ERROR [org.sourceid.saml20.profiles.idp.HandleAuthnRequest] Exception occurred during request processing org.sourceid.websso.profiles.RequestProcessingException: Unexpected Runtime Authn Adapter Integration Problem.

...

Caused by: org.sourceid.saml20.adapter.AuthnAdapterException: Could not obtain attributes from the IdP Authentication Service.

Based on these log messages, the remedy is to review and update the configuration of the applicable IdP adapter instance.